Correct me if I am wrong, we can create an Internal Role and add a privilege to manage how IDM 6.5 can interact with a property.
For example I can assign a privilege to a Managed Object that has a permission Can View and assign the Attributes the Read permission. However if I select Can Create
Unable to update resource. Validation Failed. Reason(s): - privileges: - permissions: Required attributes must be Read/Write when privilege has Create permission. Missing required attributes: xxxx, xxxx
In essence I am trying to achieve through the Admin UI locking down the changing of Managed Object Properties once it has been created.
I am assuming that I need to add the additional query filter to ensure that if a value is present then it become Read.
Is what i am proposing a sound approach or is there a better way t manage this?